內容簡介
總結:WordPress Rest APIs可用於各種整合,但預設未經安全保護,可能導致安全問題和數據洩漏。加入身份驗證層是確保 API 受到保護免受未經授權訪問的簡單方法,加入基本身份驗證層是確保網站安全的第一步。
1. 為何強調對WordPress Rest APIs進行身份驗證?
- 因為預設情況下未經安全保護,容易導致安全問題和數據泄漏。
2. 該如何確保API受到保護?
- 加入身份驗證層是簡單的方法確保受到保護,並且添加基本身份驗證層是保證網站安全的第一步。
3. 可以將此身份驗證應用於哪些第三方整合?
- 可應用於各種第三方整合,如 Android/IOS apps整合、用於 headless WordPress 設置的REST API整合、數據同步解決方案等。
4. 在WordPress REST API Authentication外掛中提供哪些身份驗證方法?
- 提供基本身份驗證,允許使用WordPress用戶的用戶名和密碼來驗證REST API請求。
5. 如果無法在外掛中找到所需的身份驗證方法該怎麼辦?
- 我們不斷增加對新身份驗證方法的支持,如需任何方法並在外掛中找不到,請聯繫[email protected]。
外掛標籤
開發者團隊
② 後台搜尋「REST API Authentication and Security」→ 直接安裝(推薦)
原文外掛簡介
WordPress Rest APIs can be used for various integrations however they are not secured by default, which can lead to security issues and data leaks.
Adding an authentication layer is a simple method to make sure that your APIs are protected from any unauthorized access. Adding a basic authentication layer is the first step towards making your site secure.
You can use this authentication for various third-party integrations like Android/IOS app integrations, REST API integrations for your headless WordPress setup, data sync solutions, etc.
You can choose from various authentication methods like JWT authentication, API key authentication, OAuth authentication, etc to have a secure API.
This plugin makes sure that you have secure API and that your data stays where it should and is never compromised.
The WordPress REST API authentication and WordPress REST API Security plugin will make sure that users are only able to access your site resources after successful authentication with the method of your choice such as JWT authentication, OAuth authentication, API key authentication, basic authentication, etc.
WordPress REST API Authentication methods available in the plugin
Basic Authentication: This method allows you to use a WordPress user’s username and password to securely authenticate REST API requests and protect your WordPress REST API.
JWT Authentication: With this method, you can use JWT (JSON Web Token) to authenticate and secure your REST API. The JWT token is verified by the plugin to check the user’s authorization before they can access the API. The WordPress REST API authentication plugin issues a JWT token to a user by passing valid user credentials, this JWT token can then be used to authenticate further REST API calls.
Note: We are constantly adding support for new authentication methods, if you are looking for a method and can’t find it in the plugin please reach out to us at [email protected]
Features
FREE PLUGIN
* Protect all or select WordPress REST API.
* Basic authentication with WordPress username and password, this can also be converted into a token by base64 encoding the credentials to have a secure API.
* Allow or deny public access to your Rest API and make the critical REST APIs secure.
* Authentication for standard WordPress REST API.
* [Coming Soon] JWT token based authentication, the plugin can issue a JWT token to the user which can then be used for WordPress rest API authentication.
* [Coming Soon] An REST API that can issue JWT (JASON web tokens) to users. You can use this to access all the WordPress Rest APIs.
